Worst fears confirmed as House committee finds security lapse at Commerce Dept.


The Government Accountability Office (GAO) ran a test at the House Science Committee’s urging to determine whether undercover agents could breach the physical security of the National Institute of Standards and Technology (NIST). The answer: Yes, with 100-percent success.

During 15 out of 15 attempts, the hackers were able to gain entrance, Committee Chairman Lamar Smith (R-Texas) said Wednesday, during a hearing on the institute’s cybersecurity. The GAO presented a full report, including videotapes of the test, to the committee before the hearing.

“Their findings are alarming and confirmed our worst fears,” said Smith. “NIST is a sieve.”

NIST is a division of the U.S. Commerce Department. It conducts research to promote and maintain measurement standards, as well as provides programs for encouraging and assisting industry and science to develop and use the standards.

According to its website, NIST measurements “support the smallest of technologies to the largest and most complex of human-made creations,” including global communication networks, voting machines, and nuclear reactors.

Citing security concerns, the full report was not released to the public, and the specifically-tested security vulnerabilities are being withheld. However, portions that were released note a variety of problems with NIST security, including poor training of security experts and scientists, and a divided security strategy where some responsibilities are overseen by the Commerce Department and others by NIST.

The GAO report points to poor integration between the two branches, yet the security structure is required by statute, and only Congress can change it.

The NIST and the Department of Commerce have accepted the recommendations in the report, according to reports.

The GAO did not say if the hackers had access to computers that could be infected with malware, or if the undercover agents were in labs. A GAO representative did note that considering the NIST facilities exist for the most part so that outside laboratories and offices can be hosted there to perform tests, it would be reasonable to assume the agents had access to one or both.

The House Science Committee is currently working to get the videos released.

If you would like to receive Breaking News text alerts on a smartphone or tablet, download the DML APP which is completely FREE and easy to use. Go to the Google Play Store or the IOS App Store and search for DML APP. Be sure to keep the app’s notifications setting on. Another way to receive alerts is to text to 40404 the following message: follow @realdennislynch (be sure to put a space between the word follow and the @ symbol).

To see more stories like this, sign up below for Dennis Michael Lynch’s email newsletter.


Comment via Facebook

Send this to a friend